The following are videos of the presentations from the Outerzone 2011 hacker conference. Thanks to Skydog, Robin, Scott, SomeNinjaMaster and the Hacker Consortium crew for the con. Also thanks to Seeblind and others for doing AV. I’m looking forward to Skydogcon and working with the guys again at Derbycon.

SQLite is the ubiquitous database for iPad, iPhone and Android applications. It is also used by certain internet browsers, web application frameworks, and software products for their local storage needs. While doing penetration tests, we often see sensitive information like usernames, passwords, account numbers, SSNs, etc. insecurely stored in these databases. Thus, every penetration test requires comprehensive analysis of the local databases being used.

There were virtually no traces of Duqu since then. But several days ago our colleagues in Symantec announced that they found a new “in-the-wild” driver that is very similar to known Duqu drivers. Previous modifications of Duqu drivers were compiled on Nov 3 2010 and Oct 17 2011, and the new driver was compiled on Feb 23 2012.

You will notice that for the PowerShell commands I use the word Cmdlet; that is how Microsoft spells the word. In a PowerShell shell you can execute regular Windows commands in addition to the cmdlets, and most work without any problem. Some may experience problems depending on the parameters used, since PowerShell uses space as a delimiter, so do keep this in mind when you are running local exe files.

Web application security is a serious and an important topic to discuss nowadays, since hacking attacks are common. There are hundreds and thousands of tutorials available on blogs and forums that can help an attacker hack into a web application.

“The Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing, as well as being a useful addition to an experienced pen tester's toolbox. ZAProxy provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually.”

The Offensive (Web, etc.) Testing Framework (aka OWTF) is an OWASP+PTES-focused attempt to unite great tools and make penetration testing more efficient. The purpose of this tool is to automate the manual, uncreative part of penetration testing.

Spooftooph is designed to automate spoofing or cloning a Bluetooth device's Name, Class, and Address. Cloning this information effectively allows a Bluetooth device to hide in plain sight. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information (specifically the same Address) when the devices are in Discoverable Mode.

Wireshark is the world’s foremost network protocol analyzer. It lets you capture and interactively browse the traffic running on a computer network. It is the de facto (and often de jure) standard across many industries and educational institutions.

Kautilya is a toolkit which provides various payloads for the Teensy device which may help in breaking into a computer. The toolkit is written in Ruby and currently contains all Windows payloads, written mostly in PowerShell.

Creepy is an application that allows you to gather geolocation related information about users from social networking platforms and image hosting services. The information is presented in a map inside the application where all the retrieved data is shown accompanied with relevant information (i.e. what was posted from that specific location) to provide context to the presentation.

Set your iPhone to require a four-digit passcode, and it may keep your private information safe from the prying eyes of the taxi driver whose cab you forget it in. But if law enforcement is determined to see the data you’ve stored on your smartphone, those four digits will slow down the process of accessing it by less than two minutes.

A report came out last fall suggesting that repeating one number in the iPhone’s four-digit security PIN made for better protection than using all unique numbers. However, that little trick doesn’t seem to go very far with Micro Systemation, a Swedish security firm that helps police and military around the world crack digital security systems.

I saw many misunderstandings about the MS12-020 bug. Here is my quick explanation (hope it is clear). There are 2 bugs for this bulletin. One is RCE (CVE-2012-0002). Another one is DoS (CVE-2012-0152). I use the diff result from the work of people in IRC (freenode#MS12-020) http://pastie.org/private/4egcqt9nucxnsiksudy5dw.

Since the public release of Microsoft’s MS12-020 bulletin, there have been plenty of attempts to exploit vulnerabilities in the Remote Desktop Protocol (RDP). Last week, we received a related sample, which turned out to be a tool called “RDPKill by: Mark DePalma” that was designed to kill a targeted RDP service.

One fine night in November 2011 I got an opportunity to get my hands dirty, working on a project for the United States Federal Bureau of Investigation (FBI). They were planning to seize a bunch of computing assets in New York City that were being used as part of a criminal empire that we called “DNS Changer” since that was the name of the software this gang used to infect a half million or so computers. I work for Internet Systems Consortium (ISC), a small non-profit company headquartered in California.

If your computer is running Java and you have not updated to the latest version, you may be asking for trouble: A powerful exploit that takes advantage of a newly-disclosed security hole in Java has been rolled into automated exploit kits and is rapidly increasing the success rates of these tools in attacking vulnerable Internet users.

Microsoft employees, accompanied by United States marshals, raided two nondescript office buildings in Pennsylvania and Illinois on Friday, aiming to disrupt one of the most pernicious forms of online crime today — botnets, or groups of computers that help harvest bank account passwords and other personal information from millions of other computers.

Microsoft today announced the execution of a carefully planned takedown of dozens of botnets powered by ZeuS and SpyEye — powerful banking Trojans that have helped thieves steal more than $100 million from small to mid-sized businesses in the United States and abroad.

Cybercriminals have built hundreds of botnets using variants of Zeus malware. For this action – codenamed Operation b71 – we focused on botnets using Zeus, SpyEye and Ice-IX variants of the Zeus family of malware, known to cause the most public harm and which experts believe are responsible for nearly half a billion dollars in damages.

VISA and MasterCard are alerting banks across the country about a recent major breach at a U.S.-based credit card processor. Sources in the financial sector are calling the breach “massive,” and say it may involve more than 10 million compromised card numbers.

Hackers broke into the database for a military dating Web site and stole passwords, e-mail addresses, and other information from nearly 171,000 accounts, according to a post on the Pastebin site this weekend.

Spam and several of the most common vulnerabilities are on the decline, according to a report issued this week, but there has been a marked increase in new types of attacks, such as shell command injection and automated password guessing.

Adobe has issued a security update for its Flash Player software that fixes at least two critical vulnerabilities in the widely-used program. At long last, this latest version also includes an auto-updating mechanism designed to streamline the deployment of Flash security fixes across multiple browsers.

This morning I testified at the U.S.-China Economic and Security Review Commission at a hearing on Developments in China’s Cyber and Nuclear Capabilities. In the picture taken by Mrs Bejtlich (thanks for attending!) I’m seated at the far right. To my left is Nart Villeneuve. To his left is Jason Healey.

Until this week, no one has ever confirmed publicly what everyone has suspected all along: that China was behind the advanced attack against RSA’s SecurID systems last year. That was the revelation by the head of the U.S. Cyber Command in a Congressional hearing on Tuesday.

Bruce Schneier, a vocal critic of security measures used by the Transportation Security Administration, was asked to testify before Congress about TSA’s security screening initiatives but then was “formally uninvited” after the agency complained.

The NSA continued to downplay its role in the cyberdefense of private networks when Gen. Keith Alexander told a Senate committee Tuesday that his intelligence agency absolutely did not want to be lurking in private networks monitoring data for threats.

The Arab Spring has had yet another consequence—satellite jamming, and the practice is serious enough to threaten the satellite operators’ business. Two operators, Arabsat and Nilesat, complained about the jamming in the Satellite 2012 Conference in Washington, D.C. last week, according to an article in Space News.

The proposed directive, which was backed by 50 votes at the European Parliament’s Civil Liberties Committee compared to one against, would mean the UK would no longer rely on the Computer Misuse Act that currently has a maximum sentence of two years for a single breach of systems.
